hosts: Refactor and new nomenclature

2026-02-09 20:39:18 -08:00 · 2021-09-09 00:56:01 +01:00 · 2021-09-09 00:56:01 +01:00 · f88022f847
commit f88022f847
parent 7b079e36d8
45 changed files with 471 additions and 591 deletions
--- a/config/modules/home/displays.nix
+++ b/config/modules/home/displays.nix
@ -0,0 +1,22 @@
+{ config, lib, nixos, ... }: with lib; {
+  options.hardware.displays = mkOption {
+    type = with types; attrsOf (submodule ({ config, ... }: {
+      options = {
+        pos = mkOption {
+          type = types.str;
+        };
+        res = mkOption {
+          type = types.str;
+        };
+      };
+    }));
+  };
+  config = mkMerge [
+    {
+      hardware.displays = nixos.hardware.displays;
+    }
+    (mkIf config.wayland.windowManager.sway.enable {
+      wayland.windowManager.sway.config.output = config.hardware.displays;
+    })
+  ];
+}
--- a/config/modules/meta/deploy.nix
+++ b/config/modules/meta/deploy.nix
@ -71,7 +71,7 @@ in
            config.tf = mkMerge (singleton
              ({ ... }: {
                imports = [
-                  ../../tf-common.nix
+                  ../../tf.nix
                ];
                deploy.gcroot = {
                  name = mkDefault "kw-${config.name}";
--- a/config/modules/meta/imports.nix
+++ b/config/modules/meta/imports.nix
@ -22,6 +22,7 @@ with lib;
  config = {
    network.importing = {
      nixosImports = mkDefault (map (path: toString path) [
+        (root + "/config/hosts/HN.nix")
        (root + "/config/hosts/HN/nixos.nix")
        (root + "/config/trusted/hosts/HN/nixos.nix")
      ]);
--- a/config/modules/nixos/displays.nix
+++ b/config/modules/nixos/displays.nix
@ -0,0 +1,14 @@
+{ config, lib, ... }: with lib; {
+  options.hardware.displays = mkOption {
+    type = with types; attrsOf (submodule ({ config, ... }: {
+      options = {
+        pos = mkOption {
+          type = types.str;
+        };
+        res = mkOption {
+          type = types.str;
+        };
+      };
+    }));
+  };
+}
--- a/config/modules/nixos/yggdrasil.nix
+++ b/config/modules/nixos/yggdrasil.nix
@ -25,71 +25,75 @@ in
      description = "Open Firewall completely for the network";
      default = false;
    };
-    listen.enable = mkOption {
-      type = types.bool;
-      description = "Allow other hosts in the network to connect directly";
-      default = false;
+    listen = {
+      enable = mkOption {
+        type = types.bool;
+        description = "Allow other hosts in the network to connect directly";
+        default = false;
+      };
+      endpoints = mkOption {
+        type = types.listOf types.str;
+        description = "Endpoints to listen on";
+        default = [ ];
+      };
    };
-    listen.endpoints = mkOption {
-      type = types.listOf types.str;
-      description = "Endpoints to listen on";
-      default = [ ];
+    tunnel = {
+      localV6 = mkOption {
+        type = types.listOf types.str;
+        description = "v6 subnets to expose";
+        default = [ ];
+      };
+      localV4 = mkOption {
+        type = types.listOf types.str;
+        description = "v4 subnets to expose";
+        default = [ ];
+      };
+      remoteV6 = mkOption {
+        type = types.attrsOf types.str;
+        description = "Extra v6 subnets to route";
+        default = { };
+      };
+      remoteV4 = mkOption {
+        type = types.attrsOf types.str;
+        description = "Extra v4 subnets to route";
+        default = { };
+      };
    };
-    dns.enable = mkOption {
-      type = types.bool;
-      description = "enable automatic dns record generation";
-      default = false;
+    extra = {
+      pubkeys = mkOption {
+        type = types.attrsOf types.str;
+        description = "Additional hosts to allow into the network. Keys won't be added to definition host.";
+        default = { };
+        example = { host = "0000000000000000000000000000000000000000000000000000000000000000"; };
+      };
+      addresses = mkOption {
+        type = types.attrsOf types.str;
+        internal = true;
+        default = mapAttrs (_: c: calcAddr c) cfg.extra.pubkeys;
+      };
+      localV6 = mkOption {
+        type = types.listOf types.str;
+        description = "v6 subnets to expose, but not route";
+        default = [ ];
+      };
+      localV4 = mkOption {
+        type = types.listOf types.str;
+        description = "v4 subnets to expose, but not route";
+        default = [ ];
+      };
    };
-    dns.zone = mkOption {
-      type = types.str;
-      description = "Main zone to insert DNS records into";
-      default = "lilwit.ch";
-    };
-    dns.subdomain = mkOption {
-      type = types.str;
-      description = "subdomain to put the records into";
-      default = "net";
-    };
-    tunnel.localV6 = mkOption {
-      type = types.listOf types.str;
-      description = "v6 subnets to expose";
-      default = [ ];
-    };
-    tunnel.localV4 = mkOption {
-      type = types.listOf types.str;
-      description = "v4 subnets to expose";
-      default = [ ];
-    };
-    tunnel.remoteV6 = mkOption {
-      type = types.attrsOf types.str;
-      description = "Extra v6 subnets to route";
-      default = { };
-    };
-    tunnel.remoteV4 = mkOption {
-      type = types.attrsOf types.str;
-      description = "Extra v4 subnets to route";
-      default = { };
-    };
-    extra.pubkeys = mkOption {
-      type = types.attrsOf types.str;
-      description = "Additional hosts to allow into the network. Keys won't be added to definition host.";
-      default = { };
-      example = { host = "0000000000000000000000000000000000000000000000000000000000000000"; };
-    };
-    extra.addresses = mkOption {
-      type = types.attrsOf types.str;
-      internal = true;
-      default = mapAttrs (_: c: calcAddr c) cfg.extra.pubkeys;
-    };
-    extra.localV6 = mkOption {
-      type = types.listOf types.str;
-      description = "v6 subnets to expose, but not route";
-      default = [ ];
-    };
-    extra.localV4 = mkOption {
-      type = types.listOf types.str;
-      description = "v4 subnets to expose, but not route";
-      default = [ ];
+    extern = {
+      pubkeys = mkOption {
+        type = types.attrsOf types.str;
+        description = "Additional hosts to allow into the network. Keys won't be added to definition host.";
+        default = { };
+        example = { host = "0000000000000000000000000000000000000000000000000000000000000000"; };
+      };
+      endpoints = mkOption {
+        type = types.listOf types.str;
+        description = "Endpoints to listen on";
+        default = [ ];
+      };
    };
  };

@ -102,7 +106,7 @@ in
        (
          mapAttrsToList (_: node: node.network.yggdrasil or { enable = false; pubkey = null; }) meta.network.nodes
        );
-      pubkeys = flatten (map (c: [ c.pubkey ] ++ (attrValues c.extra.pubkeys)) yggConfigs);
+      pubkeys = flatten ((filter (n: n != "0000000000000000000000000000000000000000000000000000000000000000") (attrValues cfg.extern.pubkeys)) ++ (map (c: [ c.pubkey ] ++ (attrValues c.extra.pubkeys)) yggConfigs));
    in
    {
      assertions = [
@ -121,7 +125,7 @@ in
          AllowedEncryptionPublicKeys = pubkeys;
          IfName = "yggdrasil";
          Listen = cfg.listen.endpoints;
-          Peers = lib.flatten (map (c: c.listen.endpoints) (filter (c: c.listen.enable) yggConfigs));
+          Peers = lib.flatten (cfg.extern.endpoints ++ (map (c: c.listen.endpoints) (filter (c: c.listen.enable) yggConfigs)));
          SessionFirewall = {
            Enable = true;
            AllowFromRemote = false;